[WEB SECURITY] Tools or software for hacking windows/iis.

Schmidt, Albert E AES at ola.state.md.us
Thu Dec 21 12:30:23 EST 2006


Hello group, I am auditing a Windows 2000 web server that has not been patched for 2 years.  I am looking for tools that could be used to exploit know vulnerabilities - I do not want to damage the server, but would like to demonstrate the security weakness for my work papers.  I have heard that there are tools such as iishack.exe that may be able to help.  I would like an easy tool, as I am not that technical.  I have a basic understanding of web application security.
 
Thank you,
 
Albert E. Schmidt, CPA
Senior Information System Auditor
Office of Legislative Audits
Department of General Services
Maryland General Assembly

----------------------------------------------------------------------------
The Web Security Mailing List: 
http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list